but fail2ban is useless because recently an attacker is using IP pools from a botnet ...
I have watched this many times ... the same IP will be used only one time and afterwards a new attack with a new IP is started
no way to block this kind of attack with iptables or whatever ...
that is why PMA and Filemanager should be protected with a captcha or used only within the control panel
Posts by fulltilt
-
-
I have tried another solution with a cookie check and redirect to panel login ...
the user has to log in first before using PMA
could it be that mod_rewrite is not working within the /tools folders?
the cookie has been set but I guess rewrite (second htaccess) did not work
e.g.:
Code
nano /var/www/imscp/gui/public/client/.htaccess
Header set Set-Cookie "YourCookieName=YourSecret123456789abcd"
nano /var/www/imscp/gui/public/tools/pma/.htaccess
RewriteEngine On
RewriteCond %{HTTP_COOKIE} !YourCookieName=YourSecret123456789abcd;? [NC]
RewriteRule ^ https://admin.YourPanelURL.tld [R=301,L]
-
I had bruteforce attacks from a botnet for about 2 months ... which means blocking of IP addresses did not help
the only way to stop the attacks was using additional htaccess password protection
-
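The pattern described in these posts, where each botnet address makes a single attempt, is why a per-IP retry threshold never fires, while counting distinct failing addresses per login URL still shows the burst. The Python below is an added example, not part of the original posts; the log lines are constructed, and treating a POST answered with status 200 as a failed phpMyAdmin login is an assumption.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Assumption: a POST to the login URL answered with 200 is a failed login
# (a successful login redirects with 302). Adjust to your own log format.
FAILED = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "POST (\S+) [^"]*" 200 ')

# Constructed sample: 12 failures 5 s apart, each from a different address,
# plus one successful login that must be ignored.
SAMPLE = [f'203.0.113.{i} - - [01/Jan/2024:10:00:{i * 5:02d} +0000] '
          f'"POST /pma/index.php HTTP/1.1" 200 4312' for i in range(12)]
SAMPLE.append('198.51.100.7 - - [01/Jan/2024:10:00:30 +0000] '
              '"POST /pma/index.php HTTP/1.1" 302 0')

def parse_failures(lines):
    """Return sorted (timestamp, ip, path) tuples for failed-login lines."""
    events = []
    for line in lines:
        m = FAILED.match(line)
        if m:
            ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
            events.append((ts, m.group(1), m.group(3)))
    return sorted(events)

def per_ip_bans(events, maxretry=5):
    """Per-IP threshold, the way a fail2ban-style jail counts."""
    counts = Counter(ip for _, ip, _ in events)
    return {ip for ip, n in counts.items() if n >= maxretry}

def distributed_alerts(events, window_s=60, min_ips=10):
    """Per-URL view: peak number of distinct failing IPs in any window."""
    by_path = defaultdict(list)
    for ts, ip, path in events:
        by_path[path].append((ts, ip))
    alerts = {}
    for path, hits in by_path.items():
        start = peak = 0
        for end in range(len(hits)):
            while (hits[end][0] - hits[start][0]).total_seconds() > window_s:
                start += 1
            peak = max(peak, len({ip for _, ip in hits[start:end + 1]}))
        if peak >= min_ips:
            alerts[path] = peak
    return alerts

if __name__ == "__main__":
    events = parse_failures(SAMPLE)
    print(per_ip_bans(events), distributed_alerts(events))
```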
this htaccess should work but it's also blocking:
Code
-
found out a bit more ...
I have protected /var/www/imscp/gui/public with .htaccess
is there a way to get it working with PMA session and .htaccess?
-
do you think it is possible to delete and re-create all the BIND files by running an update and how should I proceed?
-
I still have this problem with all my systems migrated from ispcp:
If a user is logged in and clicks PMA links:
I have already checked for old IP addresses in /var/cache/bind
but did not find any IP conflict ... need help
more details:
using external NS
I found out that there is a difference in /var/cache/bind/admin.host3.domain.tld.db
between a test installation in V-Box and real server ...
at the end of the V-Box file I see many entries like:
/var/cache/bind/admin.host3.domain.tld.db real server shows only one entry at the end:
-
is captcha in PMA latest now available?
http://phpmyadmin.readthedocs.…cfg_CaptchaLoginPublicKey
would be nice to have this included in pma cfg template as a protection against Brute Force Attacks
-
I have been using php-fpm for several years now (Nuxwin recommended it to me once :D). I have not noticed any problems so far, and as for performance, it is indeed slightly better. On a server with several customers, resource usage is probably even lower compared to fcgid. You can simply test it and switch back if necessary.
sounds good
so x-cache can probably be removed then, or rather should not run in parallel?
-
is it really such a big performance boost with php-fpm?
I am currently still using PHP 5.3 fcgid and am considering switching to php-fpm ... or are there still any problems with it?